Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a656334323a3a2f34382d3438203d3e20323134393235.roa
File: 326130643a623238373a656334323a3a2f34382d3438203d3e20323134393235.roa (raw, json)
Hash identifier: 9fvE/EKZJ0AUA6jRvgotTKUfh3uMQWCtvLablu7TiLY=
Subject key identifier: 30:B4:96:2B:66:5B:00:AF:29:33:36:69:27:01:49:67:0A:F8:38:6C
Certificate issuer: /CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Certificate serial: 0EEB53EE4E3170A2119D0D2079BEE2A067CFB9BB
Authority key identifier: 88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a656334323a3a2f34382d3438203d3e20323134393235.roa
Signing time: Sat 31 Aug 2024 08:56:39 +0000
ROA not before: Sat 31 Aug 2024 08:51:39 +0000
ROA not after: Sat 30 Aug 2025 08:56:39 +0000
asID: 214925
IP address blocks: 2a0d:b287:ec42::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.mft
rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Nov 2024 15:27:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:eb:53:ee:4e:31:70:a2:11:9d:0d:20:79:be:e2:a0:67:cf:b9:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Validity
Not Before: Aug 31 08:51:39 2024 GMT
Not After : Aug 30 08:56:39 2025 GMT
Subject: CN=30B4962B665B00AF29333669270149670AF8386C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:2f:da:3a:f5:b4:e6:ec:b5:cb:94:61:ac:86:
f0:47:46:f9:dc:d4:90:e0:09:d0:76:71:ad:6c:bd:
3b:a3:b6:8d:bb:98:98:6e:73:df:ca:0f:a7:9c:68:
e8:09:a1:2d:53:e1:12:ae:3a:70:a2:c9:a0:23:f5:
fe:b3:15:84:11:c4:88:ad:be:01:e9:92:e8:2c:5f:
25:8d:93:fd:2c:3b:82:0c:05:9e:75:82:38:cf:13:
44:62:77:48:bf:8f:72:c5:0a:df:70:93:5f:08:8b:
8d:5d:d0:e3:e2:76:ef:74:8e:76:52:df:c2:19:dd:
7e:1e:29:af:3a:c8:ba:db:7e:28:8a:12:66:5c:4d:
02:36:c0:3e:05:d7:b7:43:d7:63:16:d6:6c:f3:1b:
1c:00:55:96:c2:ce:06:9d:e4:b6:e4:37:74:2f:76:
f8:5e:87:0d:19:b3:96:20:d4:36:26:c0:20:d9:af:
0f:8d:65:83:29:55:83:0a:07:2d:b7:61:b0:6f:c7:
ba:c7:6e:3f:16:8f:df:62:95:89:e9:ec:83:80:39:
5e:ab:19:85:1d:f5:dd:5a:62:0e:cb:fa:f2:80:57:
0c:24:d0:af:92:9c:0d:d5:46:38:4e:94:41:ba:d2:
7e:93:9d:ce:09:29:80:7d:1a:9f:7b:37:87:d5:2b:
65:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:B4:96:2B:66:5B:00:AF:29:33:36:69:27:01:49:67:0A:F8:38:6C
X509v3 Authority Key Identifier:
keyid:88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a656334323a3a2f34382d3438203d3e20323134393235.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:b287:ec42::/48
Signature Algorithm: sha256WithRSAEncryption
6c:75:cb:19:ec:4a:1a:cd:bc:1b:8c:68:dd:76:03:1c:ac:b5:
1a:13:71:46:c3:1f:11:22:c8:c6:66:41:15:e9:b9:96:87:89:
81:3d:bb:c7:19:c7:ca:e8:2a:6a:39:70:e0:ae:c6:62:2f:4c:
6f:b5:44:2e:0a:5f:d9:94:c0:e6:35:8e:a1:f8:c7:f8:4b:0d:
62:ff:81:81:6f:42:93:13:4c:ce:98:76:0a:95:35:00:35:a5:
9e:b1:1a:f2:a0:0e:d7:e4:c9:e2:bc:a6:45:2d:de:f3:3b:48:
d0:b0:45:13:be:91:c5:81:58:02:15:51:78:cc:91:a0:16:d9:
44:b3:2b:d6:23:f8:32:01:b6:ba:f8:9d:66:7e:79:6a:c7:5a:
a5:56:22:52:5c:4a:b4:5e:92:95:3f:ff:c1:b7:17:fa:df:3a:
19:90:59:20:30:ae:49:b9:30:be:99:c0:a9:a1:10:62:c4:a7:
4f:b0:1e:f4:7d:e2:f2:e6:5d:27:5e:84:4f:bc:f3:86:ba:3b:
3d:28:cc:f9:ee:0a:04:07:f9:5c:d5:29:d9:43:1f:54:1f:e9:
f4:44:0d:bb:4c:0c:21:1d:fa:9b:59:02:7e:cc:40:fa:ef:54:
2c:dc:51:c2:96:1c:b5:d7:31:78:f3:67:75:ee:0b:5a:b5:92:
35:ce:1a:39
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUDutT7k4xcKIRnQ0geb7ioGfPubswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjZGQ5YzE5M2RhOTE4NWE0YWMxNWIyYWRlODc1ZmU5
N2I2ZjQ5MTAeFw0yNDA4MzEwODUxMzlaFw0yNTA4MzAwODU2MzlaMDMxMTAvBgNV
BAMTKDMwQjQ5NjJCNjY1QjAwQUYyOTMzMzY2OTI3MDE0OTY3MEFGODM4NkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCSL9o69bTm7LXLlGGshvBHRvnc
1JDgCdB2ca1svTujto27mJhuc9/KD6ecaOgJoS1T4RKuOnCiyaAj9f6zFYQRxIit
vgHpkugsXyWNk/0sO4IMBZ51gjjPE0Rid0i/j3LFCt9wk18Ii41d0OPidu90jnZS
38IZ3X4eKa86yLrbfiiKEmZcTQI2wD4F17dD12MW1mzzGxwAVZbCzgad5LbkN3Qv
dvhehw0Zs5Yg1DYmwCDZrw+NZYMpVYMKBy23YbBvx7rHbj8Wj99ilYnp7IOAOV6r
GYUd9d1aYg7L+vKAVwwk0K+SnA3VRjhOlEG60n6Tnc4JKYB9Gp97N4fVK2WtAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUMLSWK2ZbAK8pMzZpJwFJZwr4OGwwHwYDVR0j
BBgwFoAUiM3ZwZPakYWkrBWyreh1/pe29JEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQtNjFjNS00MjkwLThhNmQtNWYyYjkwMjcz
MjJmLzAvODhDREQ5QzE5M0RBOTE4NUE0QUMxNUIyQURFODc1RkU5N0I2RjQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNM1p3WlBha1lXa3JCV3lyZWgxX3Bl
MjlKRS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQt
NjFjNS00MjkwLThhNmQtNWYyYjkwMjczMjJmLzAvMzI2MTMwNjQzYTYyMzIzODM3
M2E2NTYzMzQzMjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzNDM5MzIzNS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoNsofsQjANBgkqhkiG9w0BAQsFAAOCAQEAbHXLGexKGs28G4xo
3XYDHKy1GhNxRsMfESLIxmZBFem5loeJgT27xxnHyugqajlw4K7GYi9Mb7VELgpf
2ZTA5jWOofjH+EsNYv+BgW9CkxNMzph2CpU1ADWlnrEa8qAO1+TJ4rymRS3e8ztI
0LBFE76RxYFYAhVReMyRoBbZRLMr1iP4MgG2uvidZn55asdapVYiUlxKtF6SlT//
wbcX+t86GZBZIDCuSbkwvpnAqaEQYsSnT7Ae9H3i8uZdJ16ET7zzhro7PSjM+e4K
BAf5XNUp2UMfVB/p9EQNu0wMIR36m1kCfsxA+u9ULNxRwpYctdcxePNnde4LWrWS
Nc4aOQ==
-----END CERTIFICATE-----
Generated at Wed Nov 20 23:15:05 2024 by rpki-client on console-fra.rpki-client.org